A tentative study of Gsoap+onvif (ii): ONVIF authentication

An important part of the development of ONVIF is authentication, which is mentioned in the first generation of SOAP framework code in the previous article. Include the authentication file in the header file:

#import "Wsse.h"

Onvif to implement the authentication function, there are two ways: direct use of gSOAP source code files +openssl Library, cut the required code in the above file, self-implementation authentication function.

In the window end of the general adoption of the first way, more convenient, the need for the function of direct call on it, in fact, is mainly a function:

Soap_wsse_add_usernametokendigest (struct soap *soap, const char *id, const char *username, const char *password)

If the first method is called directly, the function of authentication is realized.
However, in the embedded side, the general storage space is limited, the use of less space scheme 2 is of course preferred. 1, the use of gSOAP first to the following with authentication related to the header files are added to their own project: gSOAP authentication to use the file:

DOM.C wsseapi.c smdevp.c mecevp.c threads.c wsaapi.c

There is also the corresponding header file. These files are generally in \gsoap-2.8\gsoap\plugin\, the files are copied to the compilation directory separately, unrelated files are not copied, preprocessing plus with_dom and WITH_OPENSSL; wsse series functions must link the OPENSSL library, such as: Libeay32.lib;ssleay32.lib;

Call Procedure:

soap_p2f = Soap_new ();//soap initialize
soap_set_namespaces (soap_p2f, namespaces);//namespace, use the. namespace file that was generated when the SOAP framework was generated earlier struct
_tptz__absolutemove The structure to be used by the ABSOLUTEMOVE;//PTZ ball, which will be referred to the
struct _tptz__absolutemoveresponse ABSOLUTEMOVERESPONSE;//PTZ the structure returned by the ball
Soap_wsse_add_usernametokendigest (soap_p2f, NULL, "admin", "ADMIN123456") The//wsse representation is the function of authentication function
Soap_default__tptz__absolutemove (soap_p2f, &absolutemove); the function of//defualt function is to empty the structure behind.
soap_default__tptz__absolutemoveresponse (soap_p2f, &absolutemoveresponse);
...//Fill absolutemove structure
soap_call___tptz__absolutemove (soap_p2f, Ball_onvifserver, NULL, &absolutemove, &absolutemoveresponse);//Send SOAP Call command

2. Realization of self-authentication

This is where you need to implement the function Soap_wsse_add_usernametokendigest. Embedded devices are used in this way. In fact, the source code is copied directly into their own project source code, the functions that need to be implemented are:

Soap_wsse_add_usernametokendigest (struct soap *soap, const char *id,    const char *username, const char *password)  
soap_wsse_add_usernametokentext (struct soap *soap, const char *id,  const char *username, const char *password);
soap_wsse_add_security (struct soap *soap);
Calc_digest (struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char HASH[SOAP_ Smd_sha1_size]); 
Calc_nonce (struct soap *soap, Char Nonce[soap_wsse_noncelen])
sha1padmessage (Sha1context *context)
Sha1processmessageblock (Sha1context *context)
sha1reset (sha1context *context)
sha1input (SHA1Context  *context,const  Char *message_array, unsigned  length)
sha1reset (Sha1context *context)

General Panorama Camera (embedded device) when sending a onvif ball control command to a ball machine, authentication is used in this way.
It is important to note that after each authentication, the header containing the verification information will be empty, so it is necessary to add the authorization operation before each operation . The recommended practice is to add the authentication statement to each command that requires authentication and encapsulate it to become its own command.